jk-jenkins-cli
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates a strong security posture by explicitly forbidding the exposure of Jenkins credentials, tokens, or configuration files in agent responses.
- [COMMAND_EXECUTION]: While the skill executes CLI commands to interact with Jenkins, it implements a 'read-first' approach. It requires the agent to perform inspection before state-changing operations and mandates human confirmation for actions like triggering builds, approving input steps, or cancelling jobs.
- [PROMPT_INJECTION]: The skill processes potentially untrusted external data from Jenkins build logs. The risk of indirect prompt injection is mitigated through instructions that require the agent to summarize findings and obtain explicit authorization before acting on information found in logs.
Audit Metadata